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Claims 

1 . A network device having operating software but no configuration data allowing it 
to carry out its intended purpose which network device is remotely programmable 

5 with configuration data as a whole but which network device or operating 

software has no facility to allow any incremental change of configuration data. 

2. A network device as claimed in claim 1 wherein the device configuration data is 
held in random access memory (RAM) and is lost when no network device supply 
voltage is present 

10 3 . A network device as claimed in claim 1 wherein the device software contains a 
routine which on initialisation attempts to contact a remote verification authority 
to authorise retrieval of configuration data from a configuration authority. 

4. A network device as claimed in claim 3 wherein the device software contains only 
the routine for contacting the remote verification authority and receiving data from 

15 the remote configuration authority. 

5 . A network device as claimed in claim 3 wherein the contact with the remote 
verification authority is subject to encryption. 

6. A network device as claimed in claim 2 wherein the device initially contains an 
input filter which will only receive configuration data from a specified remote 

20 configuration authority address. 

7. A network device as claimed in claim 1 wherein the device is a router which is 
integral with a modem. 

8. A router as claimed in claim 7 wherein the modem is an asymmetric digital 
subscriber line (ADSL) modem. 

25 9. A method of configuring a network device which loses its configuration data on 
power loss comprising providing a network device without user configuration 

data > providing within the network device a routine which securely contacts a - - 

remote verification authority, and downloading from a remote configuration 
authority authorised by the remote verification authority the entire configuration 

30 data. 



WO 2004/059508 



9 



PCT7NZ2003/000265 



10. A method as claimed in claim 9 wherein the network device is a router. 

1 1 . A method as claimed in claim 10 wherein the router is part of an ADSL modem. 

12. A method as claimed in claim 9 wherein the network device is capable of being 
configured only by remote download of the complete configuration data. 

13. A method as claimed in claim 9 wherein the network device routine which 
contacts the remote verification authority carries out any information transfer 
using secure encryption. 

14. A method as claimed in claim 1 1 wherein the secure encryption uses a public key 
encryption method. 

1 5. A method as claimed in claim 14 wherein the private key for the network device is 
provided by a device temporarily connected to the network device. 

16. A method as claimed in claim 15 wherein the temporarily connected device is a 
USB memory device. 

1 7. A method as claimed in claim 9 wherein the configuration data is also lost from 
the network device on any intrusion attempt. 

1 8. A method of providing communication between two network devices of unknown 
network address wherein each device is required to download its configuration 
parameters from a server at a known network address each time the device is 
initialised, the devices allocated network addresses are stored at server, the server 
being queriable for the allocated network addresses of the two network devices, 
and wherein communications can be initiated between the two network addresses 
from this data. 

19. A method as claimed in claim 18 wherein the two network devices are routers. 

20. A melhod as claimed in claim 19 wherein the routers form part of ADSL modems. 



